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Amendments to the Claims 



1 1. (Previously Amended) A system for analyzing a solution including a plurality of 

2 components and for designing security into that solution, the system comprising: 

3 a first system which identifies the security threats for the solution; 

4 a second system which identifies determines the security properties and 

5 functions of the overall solutio n, based on a set of security functions attributable to 

6 defined that uses, as a baseline, a security model comprising a plurality of interrelated 

7 and interdependent security subsystems, the security subsystems further comprising 

8 an audit subsystem, an integrity subsystem, and an information flow control 

9 subsystem; 

10 a third system which is coupled to the second system and which allocates 

11 security properties to the components of the solution based upon the selected functions 

12 which are derived from the nature and number of the security subsystems within the 

13 solution; 

14 a fourth system which is coupled to the third system for allocating the security 

15 properties to the components of the solution and which identifies functional 

16 requirements for the components, in terms of the Common Criteria, in order to comply 

17 with the security properties of the component allocated by the third system; and 

18 a system which is coupled to the fourth system and which documents the 

19 requirements for the security components for the system. 
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(Original) A system for designing security into a solution including the 
elements of Claim 1 wherein the second system which identifies security 
properties of the overall solution includes a component which uses standard 
security subsystems for identifying security properties. 

(Original) A system for designing security into a solution including the elements 
of Claim 2 wherein the standard criteria for identifying security properties 
includes a system which maps functions of standard security subsystems to an 
ISO standard 15408, also known as Common Criteria. 

(Original) A system for designing security into a solution including the elements 
of Claim 1 wherein the system further includes a system which documents the 
solution and the security assumptions using a solution design security 
methodology. 

(Currently Amended) A system for designing security into a solution including 
the elements of Claim 4 wherein the integrity subsystem system further 
provides integrity assurance requirements using a standard set of criteria. 

(Original) A system for designing security into a solution including the elements 
of Claim 5 wherein the standard set of criteria are in accordance with ISO 
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1 7. (Currently Amended) A method of designing security for a solution in a system 

2 which includes insecure components, the steps of the method comprising: 

3 identifying the security threats to the solution; 

4 determining the security properties in terms of a plurality of interconnected 

5 and interdependent security subsystems by that, inter aha, managing manage audits, 

6 managing integrity, and managing information flow control as a baseline model of the 

7 overall solution. 

8 assigning selected security properties for the overall solution to components of 

9 the solution^ 

10 enumerating security requirements for infrastructure, components and 

11 operations; 

12 developing integrity assurance requirements; and 

13 creating at least one functional technology diagram to document security 

14 requirements for the solution. 

1 8. (Currently Amended) A method of designing a secure solution including the 

2 steps of Claim 7 wherein the method further includes the step of ranking the 

3 security threats to the overall solution and considering the biggest threats to the 

4 security properties of the overall solution in terms of the security subsystems . 
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(Currently Amended) A method of designing a secure solution including the 
steps of Claim 8 wherein the step of ranking the security threats to the security 
properties of the overall solution includes the step of doing less for security 
threats not considered substantial threats to the security properties of the 
overall solution in terms of the security subsystems . 

(Original) A method of designing a secure solution including the steps of Claim 
7 wherein the method further includes the step of documenting the solution 
environment and security assumptions and using the environment and security 
assumptions in developing the security properties of the overall solution. 

(Currently Amended) A method of designing a secure solution including the 
steps of Claim 7 wherein the method further includes the step of developing an 
integrity assurance requirements for the solution and using those integrity 
assurance requirements in the functional technology diagram(s) for the solution. 

(Original) A method of securing a solution including the steps of Claim 7 
wherein the step of determining the security properties of the overall solution 
includes the step of using standard criteria for evaluating the solution. 
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(Original) A method of securing a solution including the steps of Claim 12 
wherein the step of determining the security properties of the overall solution 
includes the step of using the Common Criteria of ISO Standard 15408. 

(Original) A method of securing a solution including the steps of Claim 7 
wherein the step of enumerating security requirements for infrastructure, 
components and operations includes the step of using an industry standard 
security criteria. 

(Original) A method of securing a solution including the steps of Claim 14 
wherein the step of using an industry standard security criteria includes the 
step of using Common Criteria which conforms to ISO Standard 15408. 

(Original) A method of securing a solution including the steps of Claim 7 
wherein the step of enumerating security requirements for infrastructure, 
components and operations includes the step of identifying, enumerating and 
describing a number of standard security subsystems that in total represent the 
security function of the solution. 
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